7d17eef7a7
Updated several msftidy [WARNING] Spaces at EOL issues.
2013-09-19 20:35:08 -07:00
955365d605
Land #2391 - MS13-071 Microsoft Windows Theme File Handling Vulnerability
2013-09-19 22:21:09 -05:00
9b486e1dbb
Add comment about the smb_* methods
2013-09-19 13:23:46 -05:00
628cfe8e67
Land #2393 , tape_engine_8A filename disambiguation
2013-09-19 10:31:40 -05:00
ef72b30074
Include the post requires until #2354 lands
...
Another one that needs the manual require. See #2354
2013-09-19 09:47:01 -05:00
fb72e7f02a
Disambiguate tape_engine_8A as tape_engine_0x8a
...
This will reopen #2358 to avoid filename collisions on Windows, Rubymine
environments, etc.
2013-09-19 09:35:31 -05:00
058e0fdd80
Changed ret to push esp C:\WINDOWS\system32\msvcrt.dll
2013-09-19 07:21:51 -07:00
8fe9132159
Land #2358 , deprecate funny names
2013-09-18 14:55:33 -05:00
766e96510d
Added minor indentation updates
2013-09-18 12:12:35 -07:00
60d448f600
Add minor cleanup
2013-09-18 14:10:13 -05:00
db8881966e
Merge remote-tracking branch 'upstream/master'
2013-09-18 12:02:01 -07:00
68647c7363
Add module for MS13-071
2013-09-18 13:40:35 -05:00
8728a9a3b7
Bumping out deprecation date
...
Pray I don't alter the deprecation date further.
2013-09-18 11:00:35 -05:00
6cbe371381
minor change
2013-09-17 20:33:46 -07:00
0052f9712b
Updated hard tabs per new requirement
2013-09-17 17:42:01 -07:00
9a555d8701
Fix the modules added since the branch
2013-09-17 18:25:12 -05:00
150f0f644e
Merge branch 'rapid7' into bug/osx-mods-load-order
...
Conflicts:
modules/post/windows/gather/enum_dirperms.rb
2013-09-17 18:21:13 -05:00
52a1b5fa57
updated pcman_stor_msf.rb module with community feedback.
2013-09-16 17:43:10 -07:00
226a75b5da
updated pcman_stor_msf.rb module with community feedback.
2013-09-16 17:37:29 -07:00
b4b7cecaf4
Various minor desc fixes, also killed some tabs.
2013-09-16 15:50:00 -05:00
d4f2e72b9c
updated module to include msftidy.rb
2013-09-16 12:46:13 -07:00
82e3910959
added PCMan's FTP Server Crafted Multiple Command Handling Remote Buffer Overflow (OSVDB 94624)
2013-09-16 12:40:36 -07:00
92cf886e49
updated module to include msftidy.rb
2013-09-16 12:38:00 -07:00
4c83336944
Delete pcman_stor_msf.rb
...
delete because of commit issues.
2013-09-16 12:25:39 -07:00
f657f4d145
added PCMan's FTP Server Crafted Multiple Command Handling Remote Buffer Overflow (OSVDB 94624)
2013-09-16 09:57:27 -07:00
67cd62f306
Land #2366 - HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
2013-09-16 01:44:23 -05:00
54e9cd81f3
Add module for ZDI-13-226
2013-09-13 17:31:51 -05:00
10303a8c2a
Delete debug print_status
2013-09-13 17:05:23 -05:00
dca4351303
Add check function
2013-09-13 16:51:14 -05:00
f7c4e081bb
Add module for ZDI-13-225
2013-09-13 16:40:28 -05:00
4847976995
Update information about original discovery
...
Update info about original discovoery. See #2337 too.
2013-09-13 10:42:11 -05:00
76f27ecde8
Require the deprecation mixin in all modules
...
Because rememberin to require it, and hoping against a race is not how we
roll any more.
2013-09-12 15:49:33 -05:00
761042f14b
require the deprecated mixin
2013-09-12 15:42:01 -05:00
968f299772
Deprecate A-PDF exploit for filename change
...
See PT 56796034
See PT 56795804
2013-09-12 15:30:26 -05:00
58b634dd27
Remove unnecessary requires from post mods
2013-09-12 14:36:01 -05:00
d47de46d94
Deprecate brightstor/tape_engine_8A
...
This module is getting renamed to 8a, instead of 8A.
2013-09-12 13:59:44 -05:00
9ad1be7318
Make junk easier
2013-09-11 09:33:01 -05:00
825eb9d1ca
Add module for OSVDB 96208
2013-09-11 00:11:00 -05:00
4f1db80c24
Fix requires in new post modules
2013-09-10 11:13:07 -05:00
aff35a615b
Grammar fixes in descriptions
2013-09-09 15:09:53 -05:00
791b6f69c2
Land #2337 , @wchen-r7's exploit for MS13-055
2013-09-09 11:12:03 -05:00
0ee0168556
Retabbed
...
One kills a man, one is an assassin; one kills millions, one is a
conqueror; one kills a tab, one is a Metasploit dev.
2013-09-09 10:01:01 -05:00
6ab905e9e0
Less alignment
2013-09-09 09:39:02 -05:00
992bdcf530
Not from the future
2013-09-09 00:36:28 -05:00
c3db41334b
Add MS13-055 Internet Explorer Use-After-Free Vulnerability
...
In IE8 standards mode, it's possible to cause a use-after-free condition by first
creating an illogical table tree, where a CPhraseElement comes after CTableRow,
with the final node being a sub table element. When the CPhraseElement's outer
content is reset by using either outerText or outerHTML through an event handler,
this triggers a free of its child element (in this case, a CAnchorElement, but
some other objects apply too), but a reference is still kept in function
SRunPointer::SpanQualifier. This function will then pass on the invalid reference
to the next functions, eventually used in mshtml!CElement::Doc when it's trying to
make a call to the object's SecurityContext virtual function at offset +0x70, which
results a crash. An attacker can take advantage of this by first creating an
CAnchorElement object, let it free, and then replace the freed memory with another
fake object. Successfully doing so may allow arbitrary code execution under the
context of the user.
This bug is specific to Internet Explorer 8 only. It was originally discovered by
Orange Tsai at Hitcon 2013, but was silently patched in the July 2013 update, so
no CVE as of now.
2013-09-08 20:02:23 -05:00
7d4bf0c739
Retab changes for PR #2327
2013-09-05 23:25:41 -05:00
34b499588b
Merge for retab
2013-09-05 23:24:22 -05:00
473f08bbb6
Register cleanup and update check
2013-09-05 22:43:26 +01:00
400b433267
Sort out exception handling
2013-09-05 22:21:44 +01:00
d4043a6646
Spaces and change to filedropper
2013-09-05 20:41:37 +01:00
c5daf939d1
Stabs tabassassin
2013-09-05 20:36:52 +01:00
d0360733d7
Retab changes for PR #2282
2013-09-05 14:05:34 -05:00
49dface180
Merge for retab
2013-09-05 14:05:28 -05:00
9787bb80e7
Address @jlee-r7's feedback
2013-09-05 19:57:05 +01:00
845bf7146b
Retab changes for PR #2304
2013-09-05 13:41:25 -05:00
adf9ff356c
Merge for retab
2013-09-05 13:41:23 -05:00
5c06a471f9
Get the call result
2013-09-05 08:33:35 -05:00
3681955f68
Use Msf::Config.data_directory
2013-09-05 08:28:50 -05:00
6b1d7545d6
Refactor, avoid duplicate code
2013-09-05 08:26:49 -05:00
b6245eea72
Update target info
2013-09-04 16:43:26 -05:00
34b3ee5e17
Update ranking and description
2013-09-04 16:10:15 -05:00
94125a434b
Add module for ZDI-13-205
2013-09-04 15:57:22 -05:00
3066e7e19d
ReverseConnectRetries ftw
2013-09-04 00:16:19 +01:00
a8e77c56bd
Updates
2013-09-03 22:46:20 +01:00
ac0c493cf9
Merge branch 'master' of github.com:rapid7/metasploit-framework into local_win_priv_keyring
2013-09-03 21:33:11 +01:00
84aaf2334a
Retab new material
2013-09-03 11:47:26 -05:00
0c1e6546af
Update from master
2013-09-03 11:45:39 -05:00
ca8dacb93b
Minor module description updates for grammar.
2013-09-03 10:31:45 -05:00
ac0b14e793
Add the missing CVE reference
...
Was looking at all the 2013 exploit modules for missing CVE references
2013-08-31 18:54:16 -05:00
0736677a01
Land #2299 - Add powershell support & removes ADODB.Stream requirement
2013-08-31 00:32:23 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
5b32c63a42
Land #2308 , @wchen-r7's exploit for MS13-059
2013-08-30 10:59:36 -05:00
ea8cd2dc46
Update authors list
2013-08-30 10:52:39 -05:00
a283f1d4fa
Correct module title
2013-08-30 10:50:35 -05:00
f4e09100bd
Correct file name
2013-08-30 10:50:05 -05:00
38dbab9dd0
Fix typos
2013-08-30 10:43:26 -05:00
0a1b078bd8
Add CVE-2013-3184 (MS13-058) CFlatMarkupPointer Use After Free
...
Please see module description for more info.
2013-08-30 03:16:28 -05:00
657be3a3d9
Fix typo
2013-08-29 14:42:59 -05:00
4a6bf1da7f
Add module for ZDI-13-207
2013-08-29 14:09:45 -05:00
63adde2429
Fix load order in posts, hopefully forever
2013-08-29 13:37:50 -05:00
a12f5092dd
Encode the powershell cmd
2013-08-28 22:37:11 +01:00
aa0563244b
Update unsafe scripting module
2013-08-28 22:30:46 +01:00
b0226cab79
Land #2290 - HP LoadRunner lrFileIOService ActiveX Vulnerability
2013-08-27 11:19:43 -05:00
997c5e5516
Land #2291 , @todb-r7's patch for oracle_endeca_exec's requires
2013-08-27 11:01:21 -05:00
15b741bb5f
Require the powershell mixin explicitly
2013-08-27 10:36:51 -05:00
f59f57e148
Randomize object id
2013-08-27 10:35:06 -05:00
66fa1b41aa
Fix logic to spray correctly IE9
2013-08-27 09:57:55 -05:00
7a4d781538
Land #2274 - Firefox XMLSerializer Use After Free
2013-08-26 20:53:42 -05:00
4cbdf38377
updated contact info
...
MASTER OF DISASTER
ULTRA LASER
:::::::-. :::::::.. :::::::-. ... ... . :
;;, `';,;;;;``;;;; ;;, `';, .;;;;;;;. .;;;;;;;. ;;,. ;;;
`[[ [[ [[[,/[[[' `[[ [[,[[ \[[,,[[ \[[,[[[[, ,[[[[,
$$, $$ $$$$$$c $$, $$$$$, $$$$$$, $$$$$$$$$$$"$$$
888_,o8P' 888b "88bo,d8b 888_,o8P'"888,_ _,88P"888,_ _,88P888 Y88" 888o
MMMMP"` MMMM "W" YMP MMMMP"` "YMMMMMP" "YMMMMMP" MMM M' "MMM
2013-08-26 16:14:49 -07:00
6b15a079ea
Update for grammar in descriptions on new modules.
2013-08-26 14:52:51 -05:00
05f1622fcb
Fix require
2013-08-26 16:21:18 +01:00
3b9ded5a8e
BypassUAC now checks if the process is LowIntegrityLevel
...
and fails if so. Some small improvements made to Post::Priv
and BypassUAC module.
2013-08-26 13:54:55 +01:00
f8d1d29648
Add module for ZDI-13-182
2013-08-25 23:07:08 -05:00
82cf812311
Switch to PrependMigrate
2013-08-24 10:46:04 -05:00
7b5e98d57e
Land #2269 - Oracle Endeca Server Remote Command Execution
2013-08-23 15:40:31 -05:00
ad214da3de
Switch to powershell to exec payload
2013-08-23 14:39:29 -05:00
a45f49e3b7
Use a new Ranking
2013-08-23 08:49:58 -05:00
ff6ad30be0
Add module for ZDI-13-006
2013-08-22 18:15:35 -05:00
965e2d88fe
Use normalize_uri
2013-08-21 16:49:24 -05:00
b72566b8aa
Add module for ZDI-13-190
2013-08-21 12:47:47 -05:00
ca313806ae
Trivial grammar and word choice fixes for modules
2013-08-19 13:24:42 -05:00
abd4fb778f
add osvdb ref for chasys overflow
2013-08-18 06:35:28 -05:00
a75a4906f2
Description update
2013-08-16 23:28:24 -05:00
a8cc15db20
Add module for ZDI-13-178
2013-08-16 18:13:18 -05:00
6c1ba9c9c9
Switch to Failure vs Exploit::Failure
2013-08-15 14:14:46 -05:00
98e0053dc6
Fix indent level
2013-08-14 13:07:01 -05:00
7145a85fb4
Add MiniWeb (Build 300) Arbitrary File Upload
2013-08-15 01:01:46 +09:30
31cbc270fd
Favor unless over if for negative condition
2013-08-13 08:46:12 -05:00
bc9a26d4ee
Fix condition
2013-08-12 23:05:26 -05:00
568181de84
Add sthetic spaces
2013-08-12 22:33:34 -05:00
6d70d4924e
Land #2206 , @PsychoSpy module for OSVDB 94097
2013-08-12 22:27:03 -05:00
7981601eb8
Do final cleanup on intrasrv_bof
2013-08-12 22:24:53 -05:00
2d3c2c1c87
Set default target to 0 because there's only one
2013-08-12 20:01:23 -05:00
c0335cee26
Land #2214 - CVE-2013-3928: Chasys Draw IES Buffer Overflow
2013-08-12 19:16:02 -05:00
7562324d96
Land #2210 - CVE-2013-5019: Ultra Mini HTTPD Stack Buffer Overflow
2013-08-12 19:13:58 -05:00
51d9c59dcd
Extra tabs, bye
2013-08-12 19:13:20 -05:00
db78ffcc46
...
2013-08-12 18:21:10 -04:00
49bcec5c92
Additional cleanup
2013-08-12 18:20:03 -04:00
b3f229ff59
Add module for CVE-2013-3928
2013-08-12 17:18:30 -05:00
7014322dfd
Code cleanup
2013-08-12 18:16:00 -04:00
264fe32705
Added new badchars
2013-08-12 18:08:49 -04:00
bbc93b2a58
msftidy
2013-08-12 15:14:01 -04:00
28f030494e
Use tcp mixin/clean corrupt bytes
2013-08-12 15:12:15 -04:00
8ac01d3b8e
Fix description and make it aggressive
2013-08-12 11:19:25 -05:00
7854c452d2
Added more payload padding
2013-08-12 11:10:10 -04:00
9f33a59dc2
Fix target ret
2013-08-12 11:04:55 -04:00
6f96445b42
Change target ret/cleanup
2013-08-12 10:13:48 -04:00
a35d548979
Use HttpClient
2013-08-12 10:01:01 -04:00
d63d7bc7da
Add Open-FTPD 1.2 Writable Directory Traversal Execution
2013-08-12 08:49:49 +09:30
896320ed42
fix typo
2013-08-11 16:48:43 -04:00
4b14fa53e0
tidy debugs
2013-08-11 16:39:41 -04:00
90ef224c46
Implement CVE-2012-5019
2013-08-11 16:33:40 -04:00
185ef2ecae
msftidy
2013-08-10 16:01:44 -04:00
6fe4e3dd0e
Added Intrasrv 1.0 BOF
2013-08-10 15:56:07 -04:00
5128458c90
Land #2201 - Better check for ppr_flatten_rec
2013-08-09 14:44:23 -05:00
021c358159
Land #2203 - Fix regex for x64 detection
2013-08-09 13:23:38 -05:00
7178633140
Fixed architecture detection in bypassuac modules
2013-08-09 03:42:02 +02:00
318280fea7
Add 7/2k8 RTM versions
2013-08-08 20:02:14 +01:00
d64352652f
Adds unsupported Vista versions
2013-08-08 19:58:40 +01:00
08c32c250f
File versions
2013-08-08 19:42:14 +01:00
a03d71d60e
Land #2181 - More targets for hp_sys_mgmt_exec
...
Thanks mwulftange!
2013-08-08 13:35:33 -05:00
0f975da5f4
Update target info and something else...
2013-08-07 16:00:06 -05:00
d1beb313f6
Add module for 2013-1690
2013-08-07 15:36:54 -05:00
9790181dd2
Land #2176 , @wchen-r7's fix for [TestRM #8272 ]
2013-08-05 13:10:25 -05:00
40f015f596
Avoid require race with powershell
2013-08-05 09:56:32 -05:00
a885ff9bcc
Use consistent caps for 'PowerShell'
2013-08-05 09:33:49 -05:00
5ea67586c8
Rewrite description for MS13-005
...
The first part of the description was copy-pasted from
http://packetstormsecurity.com/files/122588/ms13_005_hwnd_broadcast.rb.txt
which contained some grammatical errors. Please try to avoid cribbing
other researchers' descriptions directly for Metasploit modules.
2013-08-05 09:29:29 -05:00
e7206af5b5
OSVDB and comment doc fixes
2013-08-05 09:08:17 -05:00
8cc07cc571
Merge Linux and Windows exploit in multi platform exploit
2013-08-02 18:49:03 +02:00
f927d1d7d3
Increase exploit reliability
...
From some limited testing, it appears that this exploit is
missing \x0d\x0a in the bad chars. If the generated payload / hunter
or egg contain that combination, it seems to cause reliability issues
and exploitation fails.
The home page for this software can be found at
http://www.leighb.com/intrasrv.htm
2013-08-02 09:06:20 +10:00
4a127c2ed2
Add hp_sys_mgmt_exec module for Linux and enhance module for Windows
...
The hp_sys_mgmt_exec module for Linux is a port of the Windows module with minor changes due to the requirement of quotes. It also uses Perl instead of PHP as PHP may not always be in the environment PATH. Although the Windows module works perfectly, it now uses the same technique to encode the command (thankfully, PHP adopted major syntax characteristics and functions from Perl).
2013-07-31 22:05:25 +02:00
8c47f1df2d
We don't need this option anymore
2013-07-31 03:30:34 -05:00
af0046658b
Change the way file is stored
2013-07-31 03:28:24 -05:00
7e539332db
Reverting disaster merge to 593363c5f with diff
...
There was a disaster of a merge at 6f37cf22eb593363c5f9
2013-07-29 21:47:52 -05:00
05be76ecb7
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-29 16:41:22 -05:00
ab75d00f8a
Land #2169 - Description update
2013-07-29 14:24:57 -05:00
7801eadbc2
psh description
2013-07-29 19:14:12 +01:00
455569aee8
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-29 12:10:12 -05:00
3a05993f16
Make msftidy happy and warn user about long times
2013-07-29 11:45:30 -05:00
37312f2aa9
Module, singular
2013-07-29 10:58:36 -05:00
11e9cca855
Spelling and description touch ups.
2013-07-29 10:57:19 -05:00
234e49d982
Add type technique
2013-07-26 23:33:16 +01:00
805a9675a7
Modify the check for Integrity Level and Allow dropt o fs
2013-07-26 14:54:50 -05:00
12a58c730a
Small fix
2013-07-26 10:15:47 +01:00
6a13ed0371
Missing include
2013-07-26 03:18:17 +01:00
72b8891ba3
Check for low integrity
2013-07-26 03:16:45 +01:00
030640d5bc
back to cmd
2013-07-26 03:00:36 +01:00
d3f3e5d63e
Working with psh download
2013-07-26 02:29:55 +01:00
b99ad41a64
Add api constants and tidy
2013-07-26 01:48:39 +01:00
0235e6803d
Initial working
2013-07-25 23:24:11 +01:00
5014919198
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-25 09:02:20 -05:00
dff35c0820
Minor update to Target Selection. Refer to comments on #2128 .
2013-07-24 19:02:47 -04:00
d478df520f
Merge remote-tracking branch 'rapid7/master'
...
Starting fresh.
2013-07-24 18:31:53 -04:00
e9a4f6d5da
Merge branch 'dll_fix' of https://github.com/Meatballs1/metasploit-framework
2013-07-24 14:00:52 -05:00
44cae75af1
Cleanup
2013-07-24 19:52:59 +01:00
dbad1a5e4c
Clean up description
2013-07-24 12:02:33 -05:00
18dbdb828f
Land #2133 , @Meatballs1's exploit for PSH Web Delivery
2013-07-24 12:01:37 -05:00
f79d3f7591
Shorten cmd
2013-07-24 17:48:03 +01:00
47c21dfe85
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-24 11:42:11 -05:00
8103baf21a
Update title
2013-07-24 17:29:23 +01:00
18ac83bec1
Final updates and tidy
2013-07-24 17:28:19 +01:00
b0c17fdebc
Land #2002 , @jlee-r7's patch for better handling uri resources
2013-07-23 15:49:21 -05:00
99a345f8d1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-22 13:54:26 -05:00
164153f1e6
Minor updates to titles and descriptions
2013-07-22 13:04:54 -05:00
15b0e39617
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-21 13:47:40 -05:00
e7e712fa01
EOL fix
2013-07-20 19:54:05 -05:00
ab515fb66d
Add the file format version of CVE-2013-1017
2013-07-20 19:50:09 -05:00
fe405d2187
Tidyup info
2013-07-19 23:50:59 +01:00
6fab3f6308
Add powershell cmdline
2013-07-19 23:24:54 +01:00
d1fdcfff91
Initial commit
2013-07-19 19:33:55 +01:00
f16ed32848
Added '2003 R2 SP2' to target selection
2013-07-19 09:57:09 -04:00
bdfad076b4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-18 15:43:58 -05:00
cb108a8253
Add module for ZDI-13-147
2013-07-18 15:37:11 -05:00
efb8591a49
Update apple_quicktime_rdrf references
2013-07-18 13:57:31 -05:00
1a5e0e10a5
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-18 13:53:57 -05:00
b90e1d54e2
Land #2117 - HP Managed Printing Administration jobAcct Command Exec
2013-07-18 13:21:11 -05:00
280529f885
Make some changes to the description
2013-07-18 13:20:36 -05:00
52079c960f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-18 12:52:42 -05:00
b94cde1d65
Name change for pyoor
2013-07-18 10:50:25 -05:00
104edd8e93
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-18 10:38:53 -05:00
3780b1b59f
Add module for ZDI-11-352
2013-07-18 09:39:55 -05:00
bf023f261a
Delete comma
2013-07-17 20:46:03 -05:00
7ee4855345
Fix msftidy and delete duplicate stack adjustment
2013-07-17 20:45:54 -05:00
6713fb1609
Fix typos
2013-07-17 18:06:40 -05:00
9ae7c80b15
Add more targets plus some other corrections
2013-07-17 14:43:41 -05:00
c85b994c07
Add CVE-2013-1017: Apple Quicktime Invalid Atom Length BoF
...
This module exploits a vulnerability found in Apple Quicktime. The
flaw is triggered when Quicktime fails to properly handle the data
length for certain atoms such as 'rdrf' or 'dref' in the Alis record,
which may result a buffer overflow by loading a specially crafted .mov
file, and allows arbitrary code execution under the context of the user.
2013-07-17 13:45:05 -05:00
c7361043ae
up to date
2013-07-17 11:47:06 -05:00
11f8b351c0
Merge branch 'nvidia' of https://github.com/Meatballs1/metasploit-framework
2013-07-17 11:44:42 -05:00
19b11cd6e2
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-15 08:23:38 -05:00
94f8b1d177
Land #2073 , psexec_psh
2013-07-12 16:14:17 -05:00
f81369a10d
Don't make promises about AV detection
2013-07-12 16:13:02 -05:00
bc88732400
Prints don't need to be rescued
2013-07-12 15:56:04 -05:00
e2f6218104
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-12 08:38:08 -05:00
529471ed53
Land #2081 - MediaCoder .M3U Buffer Overflow
2013-07-11 23:57:43 -05:00
1341d6ec6b
Remove extra commas and try to keep a line in 100 columns
2013-07-11 23:54:54 -05:00
937642762f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-11 15:20:33 -05:00
1cf65623d6
Small desc update
2013-07-11 13:20:39 -05:00
d9107d2bd9
Add module for CVE-2013-3248
2013-07-11 12:30:08 -05:00
16c9effcb4
make msftidy happy
2013-07-11 00:32:32 +07:00
8de88cbd05
change target from win7 sp1 to win7 sp0, fix description
2013-07-11 00:14:30 +07:00
64b2f3f7a0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-08 16:55:39 -05:00
8d7396d60a
Minor description changes on new modules
2013-07-08 16:24:40 -05:00
6a9a9ac20a
Merge branch 'module-mediacoder-m3u' of https://github.com/modpr0be/metasploit-framework
2013-07-08 15:53:36 -05:00
8ab8eb8e59
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-08 15:52:31 -05:00
b2a18c37ee
add dll references for rop
2013-07-09 03:20:05 +07:00
3f874f504c
Use metadata
2013-07-08 09:25:02 -05:00
512dd7d15a
Update title
2013-07-08 09:11:31 -05:00
c60aeaa202
Add module for CVE-2013-3482
2013-07-08 09:11:10 -05:00
ed6d88a28b
credit to mona.py for rop
2013-07-07 18:07:05 +07:00
ecb2667401
remove seh mixin and fix the rop nop address
2013-07-06 23:08:51 +07:00
fc5e5a5aad
Fixup description
2013-07-06 09:29:32 +01:00
22601e6cc7
Exit process when complete
2013-07-06 09:27:27 +01:00
23d2bfc915
add more author
2013-07-06 11:52:16 +07:00
b8354d3d6c
Added MediaCoder exploit module
2013-07-06 11:07:11 +07:00
0e84886bce
Spawn 32bit process
2013-07-05 22:56:21 +01:00
2bfe8b3b29
msftidy
2013-07-05 22:35:22 +01:00
5dc2492b20
Renamed module
2013-07-05 22:32:15 +01:00
0ce3fe2e7c
Added service status checks to Post::Windows::Services
...
Added QueryServiceStatus to Railgun Advapi32 Definitions
Added Checks to module
2013-07-05 22:25:04 +01:00
66c2b79177
Initial commit
2013-07-05 19:48:27 +01:00
7f645807f6
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-05 10:25:41 -05:00
ad94f434ab
Avoid a fix address for the final userland payload
2013-07-05 10:21:11 -05:00
479664b5aa
Remove redundant file
2013-07-04 12:07:14 +01:00
cd159960e1
Tidy
2013-07-04 12:02:32 +01:00
9c1a43a417
Check payload arch
2013-07-04 11:46:34 +01:00
83bc32abb4
Remove Exploit::Exe
2013-07-04 11:01:01 +01:00
7d6a78bf1f
Remove report aux
2013-07-04 10:36:32 +01:00
555140b85a
Add warning for persist
2013-07-04 10:30:03 +01:00
44cdc0a1c8
Move options to lib
2013-07-04 10:25:37 +01:00
1368c1c27f
Move options to lib
2013-07-04 10:25:08 +01:00
8590720890
Use fail_with
2013-07-04 10:21:24 +01:00
3eab7107b8
Remove opt supplied by lib
2013-07-04 10:16:03 +01:00
7d273b2c8b
Refactor to psexec lib
2013-07-04 10:11:13 +01:00
1569a15856
Msf license
2013-07-04 10:08:29 +01:00
052c23b980
Add missing require
2013-07-04 09:58:48 +01:00
6fa60be76f
Merge branch 'psexec_psh' of https://github.com/sempervictus/metasploit-framework into psexec_psh
2013-07-04 09:42:18 +01:00
226f4dd8cc
Use execute_shellcode for novell_client_nicm.rb
2013-07-03 13:57:41 -05:00
f9cfba9021
Use execute_shellcode for novell_client_nwfs.rb
2013-07-03 13:55:50 -05:00
6e44cb56bf
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-03 12:44:47 -05:00
2f77e8626f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-03 11:56:25 -05:00
7ef5695867
[FixRM:#8129] - Remove invalid metasploit.com references
...
These "metasploit.com" references aren't related to the vulns,
shouldn't be in them.
2013-07-03 11:52:10 -05:00
2a6056fd2a
exploits/s4u_persistence~Fixed typos+default values
2013-07-03 00:38:50 +01:00
146d1eb27d
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-02 10:06:00 -05:00
1110aefe49
Land #2038 , @modpr0be exploit for ABBS Audio Media Player
2013-07-01 23:20:50 -05:00
2e5398470b
remove additional junk, tested and not needed
2013-07-02 09:23:42 +07:00
72f19181d1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-01 16:38:19 -05:00
9b8bfa6290
change last junk from rand_text_alpha_upper to rand_text
2013-07-01 23:49:19 +07:00
c631778a38
make a nice way to fill the rest of buffer
2013-07-01 23:39:08 +07:00
dbce1b36e5
Land #2036 - CVE-2013-3660
...
Thx Tavis, Keebie4e, and Meatballs
2013-07-01 10:55:51 -05:00
478beee38b
remove unnecessary option and make msftidy happy
2013-07-01 18:51:47 +07:00
f16d097c00
clean version, tested on winxp sp3 and win7 sp1
2013-07-01 18:35:50 +07:00
f58f481399
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-30 22:36:46 -05:00
e0ae71e874
minor fixing in the exploit module description
2013-07-01 03:27:06 +07:00
007fddb6bf
remove SEH function, not needed
2013-07-01 03:13:20 +07:00
1e4b69ab03
Added abbs amp exploit module
2013-07-01 03:08:22 +07:00
a2b8daf149
Modify fail message when exploitation doen't success
2013-06-29 10:45:13 -05:00
a5c3f4ca9b
Modify ruby code according to comments
2013-06-29 08:54:00 -05:00
427e26c4dc
Fix current_pid
2013-06-28 21:36:49 -05:00
32ae7ec2fa
Fix error description and bad variable usage
2013-06-28 21:30:33 -05:00
fb67002df9
Switch from print_error to print_warning
2013-06-28 21:29:20 -05:00
3ab948209b
Fix module according to @wchen-r7 feedback
2013-06-28 20:44:42 -05:00
00416f3430
Add a new print_status
2013-06-28 18:23:49 -05:00
7725937461
Add Module for cve-2013-3660
2013-06-28 18:18:21 -05:00
90b30dc317
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-26 14:31:52 -05:00
6ea622c45e
reference updates
2013-06-26 09:44:56 -05:00
7ab4d4dcc4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-25 17:34:29 -05:00
5b71013dde
reference updates
2013-06-25 13:41:22 -05:00
0c306260be
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-25 09:13:01 -05:00
d6374ddfff
Land #2020 , CVE and OSVDB update
2013-06-25 08:17:54 -05:00
4df943d1a2
CVE and OSVDB update
2013-06-25 02:06:20 -05:00
795dd6a02a
Add module for OSVDB 93718
2013-06-24 23:51:28 -05:00
ca8ce363b8
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-24 16:32:55 -05:00
b3d90c68a4
Land #2008 - More OSVDB refs
2013-06-24 01:53:29 -05:00
31fcb911f2
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-23 21:41:10 -05:00
a920127f8c
reference updates for several modules
2013-06-23 20:43:34 -05:00
5b0092ff39
Land #2006 - Ref updates
2013-06-23 18:26:48 -05:00
2150d9efb0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-22 12:06:18 -05:00
427f063c48
fix formatting
2013-06-22 07:32:29 -05:00
1e25dedb66
fix formatting
2013-06-22 07:31:47 -05:00
14850cd387
reference updates for multiple modules
2013-06-22 07:28:04 -05:00
de659326ce
Land #2003 - Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation
2013-06-21 21:52:32 -05:00
Rick Flores (nanotechz9l)
sinn3r
jvazquez-r7
William Vu
Tod Beardsley
James Lee
Meatballs
Tab Assassin
violet
Steve Tornio
HD Moore
bcoles
Nathan Einwechter
Sagi Shahar
Markus Wulftange
Ruslaideemin
Sean Verity
modpr0be
g0tmi1k